{"id":17436165,"url":"https://github.com/zupit/horusec-platform","last_synced_at":"2025-04-05T16:08:24.969Z","repository":{"id":40276343,"uuid":"346080437","full_name":"ZupIT/horusec-platform","owner":"ZupIT","description":"Horusec Platform is a set of web services that integrate with the Horusec CLI to facilitate the visualization and management of found vulnerabilities.","archived":false,"fork":false,"pushed_at":"2025-03-01T05:21:21.000Z","size":9831,"stargazers_count":63,"open_issues_count":81,"forks_count":25,"subscribers_count":8,"default_branch":"main","last_synced_at":"2025-03-14T16:04:44.144Z","etag":null,"topics":["css","email","golang","hacktoberfest","helm","javascript","keycloak","kubernetes","ldap","message-broker","operator","operator-sdk","react","scss","sql","typescript"],"latest_commit_sha":null,"homepage":"https://horusec.io","language":"Go","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ZupIT.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-03-09T17:00:57.000Z","updated_at":"2025-02-12T17:04:37.000Z","dependencies_parsed_at":"2023-10-03T02:54:53.218Z","dependency_job_id":"6599b4f4-6a0a-4aa3-9069-07ccdba8927e","html_url":"https://github.com/ZupIT/horusec-platform","commit_stats":{"total_commits":542,"total_committers":20,"mean_commits":27.1,"dds":0.5719557195571956,"last_synced_commit":"46e61fc85de39f8cb3354350f4571e5c9c8eff36"},"previous_names":[],"tags_count":26,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ZupIT%2Fhorusec-platform","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ZupIT%2Fhorusec-platform/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ZupIT%2Fhorusec-platform/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ZupIT%2Fhorusec-platform/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ZupIT","download_url":"https://codeload.github.com/ZupIT/horusec-platform/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243606853,"owners_count":20318314,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["css","email","golang","hacktoberfest","helm","javascript","keycloak","kubernetes","ldap","message-broker","operator","operator-sdk","react","scss","sql","typescript"],"created_at":"2024-10-17T10:05:03.138Z","updated_at":"2025-03-14T16:04:52.555Z","avatar_url":"https://github.com/ZupIT.png","language":"Go","readme":"\u003cp align=\"center\" margin=\"20 0\"\u003e\u003ca href=\"https://horusec.io/\"\u003e\n    \u003cimg src=\"https://github.com/ZupIT/horusec-devkit/blob/main/assets/horusec_logo.png?raw=true\" \n            alt=\"logo_header\" width=\"65%\" style=\"max-width:100%;\"/\u003e\u003c/a\u003e\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n    \u003ca href=\"https://github.com/ZupIT/horusec-platform/pulse\" alt=\"activity\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/commit-activity/m/ZupIT/horusec-platform\"/\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/ZupIT/horusec-platform/graphs/contributors\" alt=\"contributors\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/contributors/ZupIT/horusec-platform\"/\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/ZupIT/horusec-platform/actions/workflows/analytic-pipeline.yml\" alt=\"analytic\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/workflow/status/ZupIT/horusec-platform/Analytic?label=analytic\"/\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/ZupIT/horusec-platform/actions/workflows/api-pipeline.yml\" alt=\"api\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/workflow/status/ZupIT/horusec-platform/Api?label=api\"/\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/ZupIT/horusec-platform/actions/workflows/core-pipeline.yml\" alt=\"core\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/workflow/status/ZupIT/horusec-platform/Core?label=core\"/\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/ZupIT/horusec-platform/actions/workflows/manager-pipeline.yml\" alt=\"manager\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/workflow/status/ZupIT/horusec-platform/Manager?label=manager\"/\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/ZupIT/horusec-platform/actions/workflows/messages-pipeline.yml\" alt=\"messages\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/workflow/status/ZupIT/horusec-platform/Messages?label=messages\"/\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/ZupIT/horusec-platform/actions/workflows/migrations-pipeline.yml\" alt=\"migrations\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/workflow/status/ZupIT/horusec-platform/Migrations?label=migrations\"/\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/ZupIT/horusec-platform/actions/workflows/vulnerability-pipeline.yml\" alt=\"vulnerability\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/workflow/status/ZupIT/horusec-platform/Vulnerability?label=vulnerability\"/\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/ZupIT/horusec-platform/actions/workflows/webhook-pipeline.yml\" alt=\"webhook\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/workflow/status/ZupIT/horusec-platform/Webhook?label=webhook\"/\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/ZupIT/horusec-platform/actions/workflows/auth-pipeline.yml\" alt=\"auth\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/workflow/status/ZupIT/horusec-platform/Auth?label=auth\"/\u003e\u003c/a\u003e\n    \u003ca href=\"https://opensource.org/licenses/Apache-2.0\" alt=\"license\"\u003e\n        \u003cimg src=\"https://img.shields.io/badge/license-Apache%202-blue\"/\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n# **Horusec Platform**\n\n## **Table of contents**\n### 1. [**About**](#about)\n### 2. [**Usage**](#usage)\n\u003e#### 2.1. [**Requirements**](#requirements)\n\u003e#### 2.2. [**Installation**](#installation)\n### 3. [**Features**](#features)\n### 4. [**Documentation**](#documentation)\n### 5. [**Issues**](#issues)\n### 6. [**Contributing**](#contributing)\n### 7. [**License**](#license)\n### 8. [**Community**](#community)\n\n## **About**\nHorusec Platform is a set of web services that integrate with [**Horusec-CLI**](https://github.com/ZupIT/horusec) to make it easier for you to see and manage the vulnerabilities. \n\n[comment]: \u003c\u003e (@todo add a gif of manager usage)\n\n\n## **Usage**\n\n### **Requirements**\nSee below the requirements to install Horusec-Platform: \n\n- [**RabbitMQ**](https://www.rabbitmq.com/)\n- [**PostgreSQL**](https://www.postgresql.org/)\n\n### **Installation**\nThere are several ways to install the Horusec-Platform in your environment.\nIn some of them, we use a **`make`** command to simplify the process.\nIf you want to know everything that will be executed, take a look at the **`Makefile`** located at the project's root.\n\nChoose what type of installation you want below, but remember to change the default environment variables values to new and secure ones.\n\n### **1. Install with docker compose**\nFollow the steps: \n\n**Step 1:** Run the command: \n```cmd\nmake install\n```\n\n**Step 2:** Start the docker compose file **`compose.yml`**. It has all services, migrations and the needed dependencies. \n- You can find the compose file in **`deployments/compose/compose.yaml`**; \n- You can find migrations in **`migrations/source`**.\n\n**Step 3:** Now the installation is ready with all default values, the latest versions, and the user for tests, see below:\n\n```\nUsername: dev@example.com\nPassword: Devpass0*\n```\n\nDocker compose file is configured to perform a standard installation by default.  \nIn the production environments' case, make sure to **change the values of the environment variables to new and secure ones**.\n\n\u003e :warning: We **do not recommend** using docker-compose installation in a productive environment.\n\nFor more information about Docker compose, check out [**Docker compose installation section**](https://horusec.io/docs/web/installation/install-with-docker-compose).\n\n### **2. Install with Helm**\n\nEach release contains its own helm files for that specific version, you can find them [**in the repository**](https://github.com/ZupIT/horusec-platform/releases) and in the folder **`deployments/helm`**.\nIn both cases, they will be separated by each service of the architecture.\n\nFor more information, check out [**the installing with Helm section**](https://horusec.io/docs/web/installation/install-with-helm).\n\n### **3. Install with Horusec-Operator**\n\nHorusec-Operator manages Horusec web services and its Kubernetes cluster. It was created based on the community’s idea to have a simpler way to install the services in an environment using Kubernetes. \n\n-  Check out how to install Horusec-Operator in our [**installation section**](https://horusec.io/docs/web/installation/install-with-operator/).\n- For more information about Kubernetes Operators, [**check out the documentation**](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/).\n\n\n## **Features**\n\nHorusec-Platform provides several features, see some of them below. \n\n### **MultiTenancy**\n\nIt distributes only the necessary [**permissions**](https://horusec.io/docs/web/overview/#1-multitenant) according to each user: \n\n\u003cp align=\"center\" margin=\"20 0\"\u003e\u003cimg src=\"assets/horusec-invite-users-1.png\" alt=\"multiTenancy\" width=\"100%\" style=\"max-width:100%;\"/\u003e\u003c/p\u003e\n\n### **Dashboard**\n\nThe dashboard shows you several metrics about your workspaces and repositories' vulnerabilities:\n\n\u003cp align=\"center\" margin=\"20 0\"\u003e\u003cimg src=\"assets/horusec-dashboard-1.png\" alt=\"dashboard\" width=\"100%\" style=\"max-width:100%;\"/\u003e\u003c/p\u003e\n\n### **Vulnerability Management**\n\nThe vulnerability management screen allows you to identify false positives and accepted risks. You can modify a severity to an appropriate value to the reality of the vulnerability:\n\n\u003cp align=\"center\" margin=\"20 0\"\u003e\u003cimg src=\"assets/horusec-vuln-management-1.png\" alt=\"vuln-management\" width=\"100%\" style=\"max-width:100%;\"/\u003e\u003c/p\u003e\n\n### **Tokens**\nIt creates workspaces or repositories authentication \n[**tokens**](https://horusec.io/docs/tutorials/how-to-create-an-authorization-token) for your pipeline: \n\n\u003cp align=\"center\" margin=\"20 0\"\u003e\u003cimg src=\"assets/horusec-create-token-1.png\" alt=\"tokens\" width=\"100%\" style=\"max-width:100%;\"/\u003e\u003c/p\u003e\n\n### **Authentication Types**\n\nYou can choose which form of authentication you will use with Horusec-Platform.\n\nThere are three possibilities:\n\n- HORUSEC (native) \n- LDAP\n- KEYCLOAK\n\nFor more information about authentication types, check out our [**documentation**](https://horusec.io/docs/tutorials/how-to-change-authentication-types).\n\n[comment]: \u003c\u003e ([comment]: \u003c\u003e \u0026#40;## Migrating From V1\u0026#41;)\n\n[comment]: \u003c\u003e (For more information on migrating from the previous version to the current one see our )\n\n[comment]: \u003c\u003e ([documentation]\u0026#40;@todo\u0026#41;.)\n\n## **Documentation**\n\nFor more information about Horusec, please check out the [**documentation**](https://horusec.io/docs/).\n\n## **Issues**\n\nTo open or track an issue for this project, in order to better coordinate your discussions, we recommend that you use the [**Issues tab**](https://github.com/ZupIT/horusec/issues) in the main [**Horusec**](https://github.com/ZupIT/horusec) repository.\n\n## **Contributing**\n\nIf you want to contribute to this repository, access our [**Contributing Guide**](https://github.com/ZupIT/horusec-platform/blob/main/CONTRIBUTING.md). \n\n### **Developer Certificate of Origin - DCO**\n\n This is a security layer for the project and for the developers. It is mandatory.\n \n Follow one of these two methods to add DCO to your commits:\n \n**1. Command line**\n Follow the steps: \n **Step 1:** Configure your local git environment adding the same name and e-mail configured at your GitHub account. It helps to sign commits manually during reviews and suggestions.\n\n ```\ngit config --global user.name “Name”\ngit config --global user.email “email@domain.com.br”\n```\n**Step 2:** Add the Signed-off-by line with the `'-s'` flag in the git commit command:\n\n```\n$ git commit -s -m \"This is my commit message\"\n```\n\n**2. GitHub website**\nYou can also manually sign your commits during GitHub reviews and suggestions, follow the steps below: \n\n**Step 1:** When the commit changes box opens, manually type or paste your signature in the comment box, see the example:\n\n```\nSigned-off-by: Name \u003c e-mail address \u003e\n```\n\nFor this method, your name and e-mail must be the same registered on your GitHub account.\n\n## **License**\n[**Apache License 2.0**](https://github.com/ZupIT/horusec-platform/blob/main/LICENSE).\n\n## **Community**\nDo you have any question about Horusec? Let's chat in our [**forum**](https://forum.zup.com.br/).\n\n\nThis project exists thanks to all the contributors. You rock! ❤️🚀\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzupit%2Fhorusec-platform","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzupit%2Fhorusec-platform","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzupit%2Fhorusec-platform/lists"}